Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Checkpoint FW-1 -> Cisco VPN error

from [Matthew West] Network Security [Permanent Link]
Subject: Checkpoint FW-1 -> Cisco VPN error
Date: 22 Dec 2004 01:16:46 -0000 


Hi All

I am getting a rather cryptic message after a successful IKE handshake between 
CP FW-1 R55 and Cisco PIX (the PIX has been happily VPN'ing with another PIX). 
Once the handshake has completed (successfully) and traffic is attempted to be 
routed the CP firewall denies the traffic stating:

encryption failure: Packet was decrypted, but policy says connection should not 
be decrypted

I am using 'simplified mode' VPN configuration and have the external 
interoperable devices as a part of the VPN star config and do not have the tick 
box 'allow key exchange for subnets' ticked either in the global properties or 
the properties of the VPN community.

I did find something after googling for the error message but this was resolved 
by changing settings for MEP's and failover gateways which I do not have in 
this instance.

Any thoughts? Any further info needed?

All help much appreciated.

Matt
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Cisco PIX 515e Multiple VPN Question, Dan Tesch
Next by Date:  HOTBrick LB2vpn update, Chili G.
Previous by Thread:  RE: Tools to check LDAP server connectivity, Wu, Jason
Next by Thread:  Re: Checkpoint FW-1 -> Cisco VPN error, Rob Hughes
Indexes:  [Date] [Thread] [Top] [All Lists]